package com.whsxt.sys.common;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.whsxt.common.util.ConstantUtil;
import com.whsxt.sys.domain.Permission;
import com.whsxt.sys.domain.User;
import com.whsxt.sys.service.IPermissionService;
import com.whsxt.sys.service.IRoleService;
import com.whsxt.sys.service.IUserService;


public class UserRealm extends AuthorizingRealm{
	
	@Autowired
	@Lazy
	private IUserService iUserService;
	//授权
	
	@Autowired
	@Lazy
	private IRoleService iRoleService;
	
	@Autowired
	@Lazy
	private IPermissionService iPermissionService;
	
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		ResultObject ro = (ResultObject) principals.getPrimaryPrincipal();	
		List<String> premission = ro.getPremission();
		User user = ro.getUser();
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		if(user.getType()==0) {
			info.addStringPermission("*:*");
		}else {
			if(premission != null && premission.size() >0) {
				info.addStringPermissions(premission);
			}
		}
		return info;
	}
	
	//认证
	@Override
	public String getName() {
		return UserRealm.class.getSimpleName();
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		String username = token.getPrincipal().toString();
		QueryWrapper<User> queryWrapper = new QueryWrapper<User>();
		queryWrapper.eq(username!=null&&username!="","loginname", username);
		User user = iUserService.getOne(queryWrapper);
		if(user != null) {
			List<String> premission = null;
			//用户id
			Integer uid = user.getId();
			//查询用户对应的角色
			List<Integer> ridList = iRoleService.selectRidByUid(uid);
			//根据角色id查询对应的权限id
			List<Integer> pidList = iRoleService.selectPidByRid(ridList);
			//去重
			Set<Integer> set = new HashSet<Integer>();
			set.addAll(pidList);
			if(set != null && set.size()>0) {
				QueryWrapper<Permission> queryWrapper2 = new QueryWrapper<Permission>();
				queryWrapper2.eq("type", ConstantUtil.TYPE_PERMISSION);
				queryWrapper2.eq("available",ConstantUtil.AVAILABLE_TRUE);
				queryWrapper2.in("id", set);
				List<Permission> list = iPermissionService.list(queryWrapper2);
				premission = new ArrayList<String>();
				for (Permission p : list) {
					premission.add(p.getPercode());
					}
				}
			ResultObject ro = new ResultObject();
			ro.setUser(user);
			ro.setPremission(premission);
			ByteSource credentialsSalt = ByteSource.Util.bytes(user.getSalt());
			SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(ro, user.getPwd(), credentialsSalt , this.getName());
			return info; 
		}
		return null;
	}

}
